<?php 
$dbconnect = mysql_connect('localhost', 'root', '') or die("Couldn't connect to 'localhost' " . mysql_error() );
$dbselect = mysql_select_db('kursus_staf', $dbconnect) or die("Trouble selecting the 'kursus_staf'");
if (!function_exists('sql_val')) {
     function sql_val( $input ) {
          if ( get_magic_quotes_gpc() ) {
               $input = stripslashes( $input );
          } //get_magic_quotes_gpc()
          return ( "'" . mysql_real_escape_string( $input ) . "'" );
     }
} //end function not exist
if ( !function_exists( 'clean' ) ) {
     function clean( $input, $type="", $no_tags="" ) {
          if ($no_tags != "") {
               $input = trim(strip_tags($input));
          }
          if ($type != "") {
               if (strlen(strstr($type,"("))>0) {
                    $split = explode("(", $type);
                    $type = $split['0'];
                    $limit = str_replace(")", "", $split['1']);

                    if ( ($type == "int") && (!is_int($input)) ) {
                         $input = (int)substr($input, 0, $limit);
                    } else {
                         $input = substr($input, 0, $limit);
                    }
               }
          }
          if ( get_magic_quotes_gpc() ) {
               $input = stripslashes( $input );
          } 
          if ( @mysql_ping() != "" ) {
               $input = mysql_real_escape_string( $input );
          } else {
               $search = array("\x00", "\n", "\r", "\\", "'", "\"", "\x1a");
               $replace = array("\\x00", "\\n", "\\r", "\\\\" ,"\'", "\\\"", "\\x1a");
               $input = str_replace($search, $replace, $input);
          }
          return $input;
     } //end function
} //end function not exist
if (!function_exists('reverb')) {
     function reverb($value) {
          return htmlspecialchars(stripslashes($value));
     }
}//end functin not exists
if (!function_exists('print_x')) {
     function print_x($value) {
          echo '<pre>';
          print_r($value);
          echo '</pre>';
     }
}//end functin not exists
if (isset($_POST['id'])) { 
     $id = isset($_POST['id']) ? clean($_POST['id'], "int(11)") : "";
     $gred = isset($_POST['gred']) ? clean($_POST['gred'], "varchar(255)") : "";
     $tempoh_perkhidmatan = isset($_POST['tempoh_perkhidmatan']) ? clean($_POST['tempoh_perkhidmatan'], "varchar(255)") : "";
     $scdp = isset($_POST['scdp']) ? clean($_POST['scdp'], "text") : "";
     $cdp = isset($_POST['cdp']) ? clean($_POST['cdp'], "text") : "";
     $skim = isset($_POST['skim']) ? clean($_POST['skim'], "varchar(255)") : "";
     $jawatan = isset($_POST['jawatan']) ? clean($_POST['jawatan'], "varchar(255)") : "";
     $jabatan = isset($_POST['jabatan']) ? clean($_POST['jabatan'], "varchar(255)") : "";
}

if (isset($_POST['id'])) { 
$id = clean($_POST['id']);

if (mysql_numrows(mysql_query('SELECT `id` FROM maklumat_kursus WHERE `id` = '.sql_val($id))) >= 1) {

     $query = 'UPDATE maklumat_kursus SET 
          `id` = '.sql_val($id).', 
          `gred` = '.sql_val($gred).', 
          `tempoh_perkhidmatan` = '.sql_val($tempoh_perkhidmatan).', 
          `scdp` = '.sql_val($scdp).', 
          `cdp` = '.sql_val($cdp).', 
          `skim` = '.sql_val($skim).', 
          `jawatan` = '.sql_val($jawatan).', 
          `jabatan` = '.sql_val($jabatan).' 
     WHERE `id` = '.sql_val($id);

/*<!-- NOT in safe mode!! -->*/

$result = mysql_query($query) or die('<p class="db_error"><b>A fatal MySQL error occurred while trying to update <b>'.reverb($_POST['id']).'</b> in the database.</b><br />Query: '.$query.'<br />Error: ('.mysql_errno().') '.mysql_error().'</p>');
if ($result) $db_message = '<p class="db_success">Successfully updated <b>id : '.reverb($_POST['id']).'</b> in the database!!</p>';
//print_x($query);
}//end if more than or equal to 1
else { $db_message = '<p class="db_error">There are no entries where <b>id = '.reverb($_POST['id']).'</b> </p>'; }
/*<!-- NOT in safe mode!! -->*/

}//end if isset POST id
?>


<!-- #### Start #### Page #### Display #### -->

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Maklumat Kursus Form</title>
<meta name="keywords" content="#customize#" />
<meta name="description" content="#customize#" />
<link rel="stylesheet" href="#customize#" type="text/css" />
<link rel="icon" href="#customize#" type="image/x-icon" />
<!--[if gte IE 7]><link rel="stylesheet" type="text/css" href="#customize#" media="screen, projection" /><![endif]-->
<!--[if IE 6]><link rel="stylesheet" type="text/css" href="http://universal-ie6-css.googlecode.com/files/ie6.0.3.css" media="screen, projection" /><![endif]-->
<style type="text/css">
.db_success { background-color: #91CB00; border: 1px solid #91CB00; border-radius: 5px; box-shadow: 1px 1px 0 #fff inset, -1px -1px 0 #fff inset; color: #F9F9F9; display: inline-block; margin: 10px 0; padding: 10px; }
.db_success b { background-color: #F9F9F9; border: 1px solid #F9F9F9; border-radius: 5px; box-shadow: 1px 1px 0 #91CB00 inset, -1px -1px 0 #91CB00 inset; color: #91CB00; display: inline-block; margin: 2px 0; padding: 2px; }
.db_error { background-color: #C91F2C; border: 1px solid #C91F2C; border-radius: 5px; box-shadow: 1px 1px 0 #fff inset, -1px -1px 0 #fff inset; color: #F9F9F9; display: inline-block; margin: 10px 0; padding: 10px; }
.db_error b b,.db_error b { background-color: #f6f6f6; border: 1px solid #f6f6f6; border-radius: 5px; box-shadow: 1px 1px 0 #C91F2C inset, -1px -1px 0 #C91F2C inset; color: #C91F2C; display: inline-block; margin: 2px 0; padding: 2px; }
pre { background-color: #999; border: 1px solid #999; border-radius: 5px; box-shadow: 1px 1px 0 #fff inset, -1px -1px 0 #fff inset; color: #F9F9F9; display: inline-block; margin: 10px 0; padding: 10px; text-align:left;}
pre b { background-color: #F9F9F9; border: 1px solid #F9F9F9; border-radius: 5px; box-shadow: 1px 1px 0 #999 inset, -1px -1px 0 #999 inset; color: #999; display: inline-block; margin: 2px 0; padding: 2px; }
</style>
</head>
<body id="maklumat_kursus_form">
<section class="db_message">
<?php if (isset($db_message)) echo $db_message; ?>
</section>
<header>
<nav>
<!-- #customize# -->
</nav>
</header>
<section class="form_container">
<?php if (!isset($_POST['select'])) { 
echo '<form action="" method="POST" id="maklumat_kursus_selector" name="maklumat_kursus_selector" >';
echo '<fieldset>';
echo '<legend> Maklumat Kursus </legend>';
echo '<select id="" name="select" class="">';
echo '<option value=""><!-- Blank --></option>';
$query = 'SELECT `id`, `gred` FROM maklumat_kursus';
$result = mysql_query($query) or die('<p class="db_error"><b>A fatal MySQL error occurred while trying to save <b>'.reverb($_POST['id']).'</b> to the database.</b><br />Query: '.$query.'<br />Error: ('.mysql_errno().') '.mysql_error().'</p>');
while ($row = mysql_fetch_assoc($result)) { 
  echo '<option value="'.$row['id'].'">'.$row['gred'].'</option>';
}//end while
echo '</select>';
echo '<input type="submit" value="Submit" />';
echo '</fieldset>';
echo '</form>';
}//end if not isset
if (isset($_POST['select'])) {
$query = 'SELECT * FROM maklumat_kursus WHERE `id` = '.sql_val($_POST['select']);
$result = mysql_query($query) or $db_message = '<p class="db_error"><b>A fatal MySQL error occurred while trying to save <b>'.reverb($_POST['id']).'</b> to the database.</b><br />Query: '.$query.'<br />Error: ('.mysql_errno().') '.mysql_error().'</p>';
if ($result) $db_message = '<p class="db_success">Successfully saved <b>id : '.reverb($_POST['id']).'</b> to the database!!</p>';
$result = mysql_fetch_array($result);
          if (isset($result['id'])) $id = $result['id']; else $id = "";
          if (isset($result['gred'])) $gred = $result['gred']; else $gred = "";
          if (isset($result['tempoh_perkhidmatan'])) $tempoh_perkhidmatan = $result['tempoh_perkhidmatan']; else $tempoh_perkhidmatan = "";
          if (isset($result['scdp'])) $scdp = $result['scdp']; else $scdp = "";
          if (isset($result['cdp'])) $cdp = $result['cdp']; else $cdp = "";
          if (isset($result['skim'])) $skim = $result['skim']; else $skim = "";
          if (isset($result['jawatan'])) $jawatan = $result['jawatan']; else $jawatan = "";
          if (isset($result['jabatan'])) $jabatan = $result['jabatan']; else $jabatan = "";
?>
<form action="" method="POST" id="maklumat_kursus" name="maklumat_kursus" >
<fieldset>
<legend> Maklumat Kursus </legend>
     <label for="id">Id</label>
          <input type="number" value="<?php if (isset($id)) echo reverb($id); ?>" class="" id="" name="id" maxlength="11" min="" max="" step="" />

     <label for="gred">Gred</label>
          <input type="text" value="<?php if (isset($gred)) echo reverb($gred); ?>" class="" id="" name="gred" maxlength="255" />

     <label for="tempoh_perkhidmatan">Tempoh Perkhidmatan</label>
          <input type="text" value="<?php if (isset($tempoh_perkhidmatan)) echo reverb($tempoh_perkhidmatan); ?>" class="" id="" name="tempoh_perkhidmatan" maxlength="255" />

     <label for="scdp">Scdp</label>
          <textarea class="" id="" name="scdp" rows="" cols="" ><?php if (isset($scdp)) echo reverb($scdp); ?></textarea>

     <label for="cdp">Cdp</label>
          <textarea class="" id="" name="cdp" rows="" cols="" ><?php if (isset($cdp)) echo reverb($cdp); ?></textarea>

     <label for="skim">Skim</label>
          <input type="text" value="<?php if (isset($skim)) echo reverb($skim); ?>" class="" id="" name="skim" maxlength="255" />

     <label for="jawatan">Jawatan</label>
          <input type="text" value="<?php if (isset($jawatan)) echo reverb($jawatan); ?>" class="" id="" name="jawatan" maxlength="255" />

     <label for="jabatan">Jabatan</label>
          <input type="text" value="<?php if (isset($jabatan)) echo reverb($jabatan); ?>" class="" id="" name="jabatan" maxlength="255" />

<input type="submit" value="Submit" />
</fieldset>
</form>
<?php } ?>
</section>
<footer class="container">
&copy;<?php date_default_timezone_set('America/Chicago'); echo date("Y"); ?> Maklumat Kursus Form <!-- #customize# -->
</footer>
</body>
</html>